www.sickkidsfoundation.com Open in urlscan Pro
107.154.138.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sickkidsfoundation.com/
Effective URL:
https://www.sickkidsfoundation.com/
Submission: On August 05 via manual (August 5th 2022, 8:13:27 pm UTC) from CA — Scanned from CA

Summary HTTP 137 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 40 domains to perform 137 HTTP transactions. The main IP is 107.154.138.76, located in United States and belongs to INCAPSULA, US. The main domain is www.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 31st 2022. Valid for: 6 months.

This is the only time www.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	107.154.138.76 107.154.138.76	19551 (INCAPSULA) (INCAPSULA)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
3 5	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.113.94 108.138.113.94	16509 (AMAZON-02) (AMAZON-02)
2	2600:1400:d:4... 2600:1400:d:485::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.77.9.133 104.77.9.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.138.113.246 108.138.113.246	16509 (AMAZON-02) (AMAZON-02)
20	184.51.149.8 184.51.149.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:23c... 2600:9000:23ca:d400:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	63.32.10.192 63.32.10.192	16509 (AMAZON-02) (AMAZON-02)
1 1	38.68.201.139 38.68.201.139	174 (COGENT-174) (COGENT-174)
2 2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2 2	4.78.226.224 4.78.226.224	3356 (LEVEL3) (LEVEL3)
2 2	52.20.245.254 52.20.245.254	14618 (AMAZON-AES) (AMAZON-AES)
2 3	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
6 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 2	54.221.252.20 54.221.252.20	14618 (AMAZON-AES) (AMAZON-AES)
1	52.71.37.99 52.71.37.99	14618 (AMAZON-AES) (AMAZON-AES)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	108.139.47.15 108.139.47.15	16509 (AMAZON-02) (AMAZON-02)
2	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	23.208.216.207 23.208.216.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.39.89 13.226.39.89	16509 (AMAZON-02) (AMAZON-02)
6	184.29.128.222 184.29.128.222	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
1	23.205.73.204 23.205.73.204	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:214... 2600:9000:2140:8600:a:ac8:89c0:21	16509 (AMAZON-02) (AMAZON-02)
1	34.251.112.219 34.251.112.219	16509 (AMAZON-02) (AMAZON-02)
1	108.139.29.40 108.139.29.40	16509 (AMAZON-02) (AMAZON-02)
3	135.84.189.37 135.84.189.37	54527 (ASTUTEHOS...) (ASTUTEHOSTING)
2	34.248.70.121 34.248.70.121	16509 (AMAZON-02) (AMAZON-02)
1	3.220.57.224 3.220.57.224	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:234... 2600:9000:2349:4000:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	108.138.128.21 108.138.128.21	16509 (AMAZON-02) (AMAZON-02)
1	52.19.194.187 52.19.194.187	() ()
137	47

27 107.154.138.76 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.138.76.ip.incapdns.net

sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.81.230 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

5627812.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.113.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-94.jfk50.r.cloudfront.net

d3htn85c6cao65.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:485::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.9.133 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-9-133.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 184.51.149.8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-149-8.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:d400:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.10.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-10-192.eu-west-1.compute.amazonaws.com

t.jabmo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.201.139 (United States) 1 redirects

ASN174 (COGENT-174, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.224 (Irving, United States) 2 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.245.254 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-245-254.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.87 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.221.252.20 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-252-20.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.37.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-37-99.compute-1.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-15.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.208.216.207 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-207.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-89.ewr53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.29.128.222 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-222.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2002 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.73.204 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-73-204.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.166 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2140:8600:a:ac8:89c0:21 (United States)

ASN16509 (AMAZON-02, US)

d22d1xpx4ztuef.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.112.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-112-219.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-40.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.84.189.37 (Toronto, Canada)

ASN54527 (ASTUTEHOSTING, CA)

ads.connectedinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.70.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-70-121.eu-west-1.compute.amazonaws.com

c.jabmo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.57.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2349:4000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-21.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.194.187 (None, )

ASN- ()

ws14.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	sickkidsfoundation.com 1 redirects sickkidsfoundation.com www.sickkidsfoundation.com	2 MB
20	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 894	146 KB
11	doubleclick.net 5 redirects 5627812.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 208 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 ad.doubleclick.net — Cisco Umbrella Rank: 214	7 KB
6	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 968	5 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	978 B
6	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	2 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 898	2 KB
6	adsrvr.org 6 redirects insight.adsrvr.org — Cisco Umbrella Rank: 619 match.adsrvr.org — Cisco Umbrella Rank: 381	4 KB
5	google.ca 1 redirects www.google.ca — Cisco Umbrella Rank: 8100 adservice.google.ca — Cisco Umbrella Rank: 12886	2 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 491 px4.ads.linkedin.com — Cisco Umbrella Rank: 5619	4 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	305 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803 in.hotjar.com — Cisco Umbrella Rank: 1526 ws14.hotjar.com	69 KB
4	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 568 aa.agkn.com — Cisco Umbrella Rank: 451	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	jabmo.app t.jabmo.app — Cisco Umbrella Rank: 54817 c.jabmo.app — Cisco Umbrella Rank: 48275	8 KB
3	connectedinteractive.com ads.connectedinteractive.com — Cisco Umbrella Rank: 375235	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 763	2 KB
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 834 ad.crwdcntrl.net — Cisco Umbrella Rank: 6856	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 secure.adnxs.com — Cisco Umbrella Rank: 462	3 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	754 B
3	mxptint.net 3 redirects mpp.mxptint.net — Cisco Umbrella Rank: 17624 aep.mxptint.net — Cisco Umbrella Rank: 6045	2 KB
3	c212.net cdn.c212.net — Cisco Umbrella Rank: 12577 c212.net — Cisco Umbrella Rank: 8689	2 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 6028 cm.teads.tv — Cisco Umbrella Rank: 6315 t.teads.tv — Cisco Umbrella Rank: 2135	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	203 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	556 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 428	539 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 952	16 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 756	20 KB
2	cloudfront.net d3htn85c6cao65.cloudfront.net d22d1xpx4ztuef.cloudfront.net	98 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 111	53 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2743	251 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2143	258 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 506	354 B
1	t.co t.co — Cisco Umbrella Rank: 445	337 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 734	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 609	15 KB
137	40

	Domain	Requested by
26	www.sickkidsfoundation.com	www.sickkidsfoundation.com
20	analytics.tiktok.com	www.sickkidsfoundation.com analytics.tiktok.com
6	pixel.mathtag.com	c212.net pixel.mathtag.com www.sickkidsfoundation.com
6	www.facebook.com	www.sickkidsfoundation.com 5627812.fls.doubleclick.net
6	tr.snapchat.com	1 redirects sc-static.net www.sickkidsfoundation.com
5	connect.facebook.net	www.sickkidsfoundation.com connect.facebook.net 5627812.fls.doubleclick.net
4	www.google.ca	www.sickkidsfoundation.com
4	www.google.com	www.sickkidsfoundation.com
4	dsum-sec.casalemedia.com	2 redirects www.sickkidsfoundation.com 5627812.fls.doubleclick.net
4	match.adsrvr.org	4 redirects
3	ads.connectedinteractive.com	d3htn85c6cao65.cloudfront.net
3	ct.pinterest.com	s.pinimg.com www.sickkidsfoundation.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	px.ads.linkedin.com	3 redirects
3	ups.analytics.yahoo.com	2 redirects www.sickkidsfoundation.com
3	5627812.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	bat.bing.com	www.sickkidsfoundation.com bat.bing.com
3	www.googletagmanager.com	www.sickkidsfoundation.com www.googletagmanager.com
2	aa.agkn.com	1 redirects d.agkn.com
2	ad.doubleclick.net	2 redirects
2	d.agkn.com	5627812.fls.doubleclick.net
2	c.jabmo.app	d22d1xpx4ztuef.cloudfront.net
2	pixel.tapad.com	2 redirects
2	adservice.google.com	5627812.fls.doubleclick.net www.sickkidsfoundation.com
2	c212.net	cdn.c212.net
2	bcp.crwdcntrl.net	2 redirects
2	p.adsymptotic.com	1 redirects www.sickkidsfoundation.com
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	2 redirects
2	dpm.demdex.net	2 redirects
2	aep.mxptint.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	t.jabmo.app	www.googletagmanager.com www.sickkidsfoundation.com
2	sc-static.net	www.sickkidsfoundation.com tr.snapchat.com
2	s.pinimg.com	www.sickkidsfoundation.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.sickkidsfoundation.com
2	www.youtube.com	www.sickkidsfoundation.com www.youtube.com
1	ws14.hotjar.com	script.hotjar.com
1	api.ipify.org	t.jabmo.app
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	d22d1xpx4ztuef.cloudfront.net	t.jabmo.app
1	secure.adnxs.com	t.jabmo.app
1	t.teads.tv	www.sickkidsfoundation.com
1	adservice.google.ca	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cm.teads.tv	p.teads.tv
1	ad.crwdcntrl.net	www.sickkidsfoundation.com
1	analytics.twitter.com	www.sickkidsfoundation.com
1	t.co	www.sickkidsfoundation.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	mpp.mxptint.net	1 redirects
1	cdn.c212.net	www.googletagmanager.com
1	p.teads.tv	www.googletagmanager.com
1	d3htn85c6cao65.cloudfront.net	www.sickkidsfoundation.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sickkidsfoundation.com	1 redirects
137	63

This site contains links to these domains. Also see Links.

Domain
secure.sickkidsfoundation.com
shop.sickkidsfoundation.com
gofundraise.sickkidsfoundation.com
www.sickkidsgetloud.ca
www.sickkidslottery.ca
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
www.imaginecanada.ca
www.sickkids.ca

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-31` - `2023-01-27`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.c212.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2023-01-06`	a year	crt.sh
*.jabmo.app Amazon	`2021-12-01` - `2022-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.connectedinteractive.com Go Daddy Secure Certificate Authority - G2	`2022-03-23` - `2023-04-24`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://www.sickkidsfoundation.com/
Frame ID: E0CB96E7D91FDBF23FAB526731B5FFAE
Requests: 116 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Frame ID: FBEE67DDC6527ACE9309B0E6BBC7ECC1
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&_scsid=f2f210de-4538-4c9b-8ced-2e0d68c2994c&_sclid=d48af3c2-46a9-40fa-8e53-1b0a539215f9
Frame ID: EBDEE23407A99D0CF06964D700195371
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: BEAEE4843F0021962AC3B7E46CEC9F2A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Frame ID: 0B028F039BC3611582128DD6ADD27523
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: D4835349CFE785FAFF66C2A630D484C0
Requests: 1 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Frame ID: 47493080F8A2F1710E43F0F98F931566
Requests: 6 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1659716289680&pnid=140&pcid=ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca
Frame ID: CF96A2F04217B13AF10FE1DC42D9C696
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Frame ID: 3487A5546B733A4BD01535A7185F2366
Requests: 5 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8301/?che=828170446&type=3888903
Frame ID: FBF2F0CBDA3645F27D8F05937356D3B5
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8300/?che=828170446&type=3888903
Frame ID: 5AB61C96F4256CB919E118EBBE8F916F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SickKids Foundation | Donate

Page URL History Show full URLs

http://sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

137
Requests

95 %
HTTPS

30 %
IPv6

40
Domains

63
Subdomains

47
IPs

4
Countries

2856 kB
Transfer

5409 kB
Size

73
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.sickkidsfoundation.com/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://shop.sickkidsfoundation.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://gofundraise.sickkidsfoundation.com/
Title: Fundraise

Search URL Search Domain Scan URL

URL: https://www.sickkidsgetloud.ca/?utm_campaign=fy23_events_getloud&utm_source=skf&utm_medium=display&utm_adtype=skfpanel
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/monthly?appeal=GEA-DIGT-HPG&utm_campaign=ddmmdalwayson&
Title: Give Monthly

Search URL Search Domain Scan URL

URL: https://www.sickkidslottery.ca/?utm_source=skf.com&utm_medium=display&utm_campaign=SKF_DDM_Lottery_C5_FY23&utm_adtype=Panel_bannerAd
Title: Buy Tickets

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sickkidsfoundation
Title: FB

Search URL Search Domain Scan URL

URL: http://www.twitter.com/sickkids
Title: TW

Search URL Search Domain Scan URL

URL: http://www.youtube.com/sickkidsfoundation
Title: YT

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sickkidsvs/
Title: IG

Search URL Search Domain Scan URL

URL: http://www.imaginecanada.ca/standards

Search URL Search Domain Scan URL

URL: http://www.sickkids.ca/
Title: The Hospital For Sick Children

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Request Chain 49

https://mpp.mxptint.net/2/27791/?rnd=%n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0Y0MjcwODI2X0ZFODRCRTg%3D HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_F4270826_FE84BE8&redir=https://aep.mxptint.net/sn.ashx?ak=1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_F4270826_FE84BE8&redir=https://aep.mxptint.net/sn.ashx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_F4270826_FE84BE8&_origin=1

Request Chain 50

https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a5173ca8-93cc-432e-80bf-397a15d1c04c&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a5173ca8-93cc-432e-80bf-397a15d1c04c&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vrW.wLJE2uKHN4YDXcGziN44nfWoGhQ-~A&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTUxNzNjYTgtOTNjYy00MzJlLTgwYmYtMzk3YTE1ZDFjMDRj&gdpr=0&gdpr_consent=&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c&google_gid=CAESEDWtpg4EGO5OxJrKcoSkKck&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Da5173ca8-93cc-432e-80bf-397a15d1c04c HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5526285292266926060&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1659730401275%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI9Kw-1EBAALQAAAYJvpBnf73l8sisIXVlkTha4g0rpS6x_edbWUQCDQ0J-RCgb32wOkcne HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114&_expected_cookie=2733183bb0662315954a18ace008a2e0

Request Chain 57

https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback HTTP 302
https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback

Request Chain 105

https://adservice.google.ca/ddm/fls/i/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Request Chain 107

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1659730401646&_scsid=e1ed5950-6971-4429-ad6d-b993efd7d415&_sclid=8b87f5aa-2c41-4201-b6f0-e84635146de4 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1659716289680%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1659716289680%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1659716289680&pnid=140&pcid=ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca

Request Chain 120

https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:iug12rh&fmt=3 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1

Request Chain 124

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 129

https://aa.agkn.com/adscores/ra.pixel?sid=9212273008 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c

137 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sickkidsfoundation.com/
Redirect Chain

http://sickkidsfoundation.com/
https://www.sickkidsfoundation.com/

64 KB
10 KB

97ms
49ms

Document
text/html

107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 36643988694291e3a9c48fb0e1ccaa78b8bea699a0fc1468be8648324af042af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 Aug 2022 20:13:20 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 4-29449481-29449485 NNNY CT(13 17 0) RT(1659730400387 21) q(0 0 0 0) r(0 0) U12

Redirect headers

Connection: close
Content-Length: 0
Location: https://www.sickkidsfoundation.com/

GET
H2 200 bootstrap-theme.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 23 KB
3 KB 36ms
35ms Stylesheet
text/css 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap-theme.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: 8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: text/css
x-iinfo: 4-29449481-29446293 2VNN RT(1659730400387 77) q(0 0 0 -1) r(0 0)
cache-control: max-age=16, public
content-length: 2769
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 bootstrap.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 118 KB
27 KB 39ms
38ms Stylesheet
text/css 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: text/css
x-iinfo: 4-29449481-29449117 2VNN RT(1659730400387 81) q(0 0 0 -1) r(0 0)
cache-control: max-age=16, public
content-length: 27680
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 longpageBundle
www.sickkidsfoundation.com/bundles/css/ 100 KB
22 KB 57ms
56ms Stylesheet
text/css 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d81237edecc60b20a8149e60a4b396187e1f7028d8146e906408962153b269b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 20:13:20 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
x-iinfo: 4-29449481-29449490 2NNN RT(1659730400387 84) q(0 0 0 -1) r(0 1)
cache-control: public
content-length: 21823
x-cdn: Imperva
expires: Sat, 05 Aug 2023 20:13:20 GMT

GET
H2 200 modernizr Show response
www.sickkidsfoundation.com/bundles/ 3 KB
2 KB 55ms
54ms Script
text/javascript 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/modernizr?v=9yygsVk3I-guoeu6EUt0fzBjgzee2gP6Y9SNVDkhZoc1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 20:13:20 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 4-29449481-29446291 2NNN RT(1659730400387 87) q(0 0 0 -1) r(0 0)
cache-control: public
content-length: 1615
x-cdn: Imperva
expires: Sat, 05 Aug 2023 20:13:20 GMT

GET
H2 200 header Show response
www.sickkidsfoundation.com/bundles/ 159 B
299 B 56ms
55ms Script
text/javascript 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/header?v=dJ6LOVfv49i9fuAW3MbtcyjUkVM3bJ8e5r4OUmJ-dUE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 20:13:20 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 4-29449481-29449493 2NNN RT(1659730400387 89) q(0 0 0 -1) r(0 0)
cache-control: public
content-length: 214
x-cdn: Imperva
expires: Sat, 05 Aug 2023 20:13:20 GMT

GET
H2 200 jquery Show response
www.sickkidsfoundation.com/bundles/ 91 KB
41 KB 57ms
56ms Script
text/javascript 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jquery?v=7AMc9pBn1GIYDuJDXGstN7nku_447XMEtvGIFvLEuGs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 20:13:20 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 4-29449481-29449496 2NNN RT(1659730400387 93) q(0 0 0 -1) r(0 1)
cache-control: public
content-length: 42005
x-cdn: Imperva
expires: Sat, 05 Aug 2023 20:13:20 GMT

GET
H2 200 2020-vs-flat_skfwebsite_r.ashx
www.sickkidsfoundation.com/-/media/images/skf/common/ 82 KB
83 KB 45ms
44ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/2020-vs-flat_skfwebsite_r.ashx?h=160&w=240&la=en&hash=B394A17CB92126A2E58BDBD01A248B75
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 198f185492b002abf346368e3c4ef32ba0113626d588e607e5ed1997bc9c8906

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Tue, 31 Aug 2021 20:08:13 GMT
server: Microsoft-IIS/10.0
content-type: image/png
x-iinfo: 4-29449481-29449485 PNNy RT(1659730400387 152) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="2020 VS FLAT_SKFWebsite_R.png"
accept-ranges: bytes
content-length: 84444
x-cdn: Imperva

GET
H2 200 desktop-1280-x-7722x.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/ 919 KB
920 KB 50ms
48ms Image
image/jpeg 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/desktop-1280-x-7722x.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: df594535b89c39169b9e7f80a44941fb3bb2ad772dde6a907d65079ff4705543

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Fri, 15 Jul 2022 20:59:02 GMT
server: Microsoft-IIS/10.0
content-type: image/jpeg
x-iinfo: 4-29449481-29449504 NNNY CT(13 17 0) RT(1659730400387 163) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="desktop 1280 x 7722x.jpg"
accept-ranges: bytes
content-length: 941130
x-cdn: Imperva

GET
H2 200 0622032fy23q2_desktop1280widthx772.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/ 290 KB
291 KB 51ms
50ms Image
image/jpeg 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/0622032fy23q2_desktop1280widthx772.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d4461864b8c2ad337074dac173bb798528b7ae856ca76329b674ed537800d8be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 30 Jun 2022 18:44:58 GMT
server: Microsoft-IIS/10.0
content-type: image/jpeg
x-iinfo: 4-29449481-29449506 NNNY CT(13 16 0) RT(1659730400387 164) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="0622032FY23Q2_DESKTOP1280widthx772.jpg"
accept-ranges: bytes
content-length: 297324
x-cdn: Imperva

GET
H2 200 cta-block.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/ 35 KB
35 KB 56ms
55ms Image
image/jpeg 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/cta-block.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 28 Sep 2017 16:24:07 GMT
server: Microsoft-IIS/10.0
content-type: image/jpeg
x-iinfo: 4-29449481-29449508 NNNY CT(13 15 0) RT(1659730400387 166) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="cta-block.jpg"
accept-ranges: bytes
content-length: 35839
x-cdn: Imperva

GET
H2 200 0622-009-spring-lottery-skf-banner-desktop-1280x772.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-video/ 231 KB
231 KB 60ms
59ms Image
image/jpeg 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-video/0622-009-spring-lottery-skf-banner-desktop-1280x772.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9e9b9462f61f896d43260f5da0d1919e8a114f29169ec31a31b2abf9379fe481

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Tue, 02 Aug 2022 15:10:30 GMT
server: Microsoft-IIS/10.0
content-type: image/jpeg
x-iinfo: 4-29449481-29449510 NNNY CT(14 13 0) RT(1659730400387 167) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="0622-009-Spring-Lottery-SKF-Banner-Desktop-1280x772.jpg"
accept-ranges: bytes
content-length: 236203
x-cdn: Imperva

GET
H2 200 longpage Show response
www.sickkidsfoundation.com/bundles/ 26 KB
11 KB 36ms
35ms Script
text/javascript 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/longpage?v=znuKl3m7ZKp6rrhj-olcoT_erUeXjYuV-V3qDmagw-A1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 20:13:20 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 4-29449481-29449496 2NNN RT(1659730400387 141) q(0 0 0 -1) r(0 0)
cache-control: public
content-length: 11071
x-cdn: Imperva
expires: Sat, 05 Aug 2023 20:13:20 GMT

GET
H2 200 _Incapsula_Resource Show response
www.sickkidsfoundation.com/ 143 KB
20 KB 31ms
31ms Script
application/javascript 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1327332085
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: bb7ee03a7dc851fb872f5fa8eea8c2427ae23f290455d7d00613bcbfe57bb751

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20590
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 536 KB
117 KB 181ms
132ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3959fe434251fc2dd24eef0f92b8f2d3e17681625b3dd392b1bf73a8c83cc7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119682
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 desktop-header-background.png
www.sickkidsfoundation.com/images/ 40 KB
40 KB 43ms
42ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/desktop-header-background.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: image/png
x-iinfo: 4-29449481-29448542 2VNN RT(1659730400387 176) q(0 0 0 -1) r(0 0)
cache-control: max-age=16, public
content-length: 41317
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 Montserrat-Regular.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 61ms
60ms Font
application/font-woff2 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: application/font-woff2
x-iinfo: 4-29449481-29449496 2NNN RT(1659730400387 179) q(0 0 0 -1) r(0 0) U12
accept-ranges: bytes
content-length: 9624
x-cdn: Imperva

GET
H2 200 Montserrat-Bold.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 62ms
61ms Font
application/font-woff2 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: application/font-woff2
x-iinfo: 4-29449481-29449490 2NNN RT(1659730400387 181) q(0 0 0 -1) r(0 0) U12
accept-ranges: bytes
content-length: 9588
x-cdn: Imperva

GET
H2 200 skf.woff
www.sickkidsfoundation.com/fonts/ 5 KB
5 KB 63ms
63ms Font
font/x-woff 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/skf.woff
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: font/x-woff
x-iinfo: 4-29449481-29449493 2NNN RT(1659730400387 182) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
content-length: 5400
x-cdn: Imperva

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 159ms
110ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD5941C14FDC47B89C1342ED5EFDA357 Ref B: YTO01EDGE0518 Ref C: 2022-08-05T20:13:20Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 05 Aug 2022 20:13:20 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 118ms
57ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/longpage?v=znuKl3m7ZKp6rrhj-olcoT_erUeXjYuV-V3qDmagw-A1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d647330ef8b48d3f3c4474cae466809967e6b17c95ff9a0ce4ba90679daf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 scroll-notice.png
www.sickkidsfoundation.com/images/longpage/ 3 KB
3 KB 68ms
67ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/longpage/scroll-notice.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: 9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: image/png
x-iinfo: 4-29449481-29449493 2VNN RT(1659730400387 193) q(0 1 1 -1) r(1 1)
cache-control: max-age=16, public
content-length: 3393
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 sickkids-footer-logo.png
www.sickkidsfoundation.com/images/ 3 KB
3 KB 80ms
77ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/sickkids-footer-logo.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: image/png
x-iinfo: 4-29449481-29448542 2VNN RT(1659730400387 195) q(0 1 1 -1) r(1 1)
cache-control: max-age=16, public
content-length: 3055
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 trustmark.png
www.sickkidsfoundation.com/images/ 17 KB
17 KB 86ms
84ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/trustmark.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: image/png
x-iinfo: 4-29449481-29449493 2VNN RT(1659730400387 197) q(0 1 1 -1) r(1 1)
cache-control: max-age=16, public
content-length: 16916
expires: Fri, 05 Aug 2022 20:13:36 GMT

GET
H2 200 footer-hbar-dots.png
www.sickkidsfoundation.com/images/ 105 B
243 B 87ms
85ms Image
image/png 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/footer-hbar-dots.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: 61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
x-cdn: Imperva
etag: "0eeccb4da8d81:0"
content-type: image/png
x-iinfo: 4-29449481-29449496 2VNN RT(1659730400387 198) q(0 1 1 -1) r(1 1)
cache-control: max-age=17, public
content-length: 105
expires: Fri, 05 Aug 2022 20:13:37 GMT

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Oswald-Light.woff2
www.sickkidsfoundation.com/fonts/ 21 KB
21 KB 49ms
49ms Font
application/font-woff2 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Light.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: application/font-woff2
x-iinfo: 4-29449481-29449496 2NNN RT(1659730400387 199) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
content-length: 21008
x-cdn: Imperva

GET
H2 200 Oswald-Bold.woff2
www.sickkidsfoundation.com/fonts/ 17 KB
17 KB 52ms
51ms Font
application/font-woff2 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: application/font-woff2
x-iinfo: 4-29449481-29448542 2NNN RT(1659730400387 199) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
content-length: 17504
x-cdn: Imperva

GET
H2 200 Oswald-Regular.woff2
www.sickkidsfoundation.com/fonts/ 16 KB
16 KB 69ms
69ms Font
application/font-woff2 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=DwxrMtI_w3fgYlE8zHHXkuD__Q_JCI62LiBWHRHYIJo1
Origin: https://www.sickkidsfoundation.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:20 GMT
last-modified: Thu, 04 Aug 2022 22:01:48 GMT
server: Microsoft-IIS/10.0
etag: "0eeccb4da8d81:0"
content-type: application/font-woff2
x-iinfo: 4-29449481-29449524 2NNN RT(1659730400387 206) q(0 1 1 -1) r(1 1) U12
accept-ranges: bytes
content-length: 16020
x-cdn: Imperva

GET
H2 200 _Incapsula_Resource
www.sickkidsfoundation.com/ 1 B
49 B 122ms
122ms Image
text/plain 107.154.138.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5365865724334136
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.138.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.138.76.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/2fd212f2/www-widgetapi.vflset/ 158 KB
52 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7641b6626459a876451588bb7b10ed335864a772059289d20d974d27da3edd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 12:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52536
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Aug 2023 12:33:53 GMT

GET
H2 204 25070334.js Show response
bat.bing.com/p/action/ 0
137 B 35ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25070334.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E9106D26E3C49288FDA46A050948840 Ref B: YTO01EDGE0518 Ref C: 2022-08-05T20:13:21Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 204 0
bat.bing.com/action/ 0
176 B 90ms
90ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25070334&Ver=2&mid=a201afe4-86b1-4136-b6ba-a56547683a5c&sid=0d4e4f4014fb11edb5228518feeed97f&vid=0d4e846014fb11edb3432775e50e2e07&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SickKids%20Foundation%20%7C%20Donate&kw=SickKids%20Foundation,%20hospital%20foundation,%20children%27s%20hospital%20foundation,%20donate,%20donate%20online,%20children%27s%20charity,%20fund%20the%20fight,%20fundthefight.ca&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&r=&lt=308&evt=pageLoad&sv=1&rn=297474

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 348051D1639448A89F06365CFB7E5EA0 Ref B: YTO01EDGE0518 Ref C: 2022-08-05T20:13:21Z
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
20ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6469
date: Fri, 05 Aug 2022 18:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 05 Aug 2022 20:25:32 GMT

GET
H3

200

activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F Show response
5627812.fls.doubleclick.net/ Frame FBEE
Redirect Chain

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww....

491 B
409 B

85ms
40ms

Document
text/html

142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

7e0ffaf0eb7ecca4fe8ce427d739276c40d8f58abf5cca3bc2bc93d1c57cb787

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 384
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 5 KB
3 KB 161ms
50ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

2978a3d244df5e7d0506b3e61ca3cf236477c2f9fb5d84b89fd1d14e3b8f1f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 49
x-cache: Hit from cloudfront
date: Fri, 05 Aug 2022 20:12:37 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/126f74c0fe385dcbb139830aadf33d1e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: JFK50-P3
x-amz-cf-id: i9lSKxjPHrbY2vjG4oVw3ISBHFTJYp22rxXg7fkig2ExJk5_MIyl5Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 91ms
27ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:17:28 GMT
etag: "58faa0bb9a63121ea57a3106609bc291+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15291
x-served-by: cache-iad-kcgs7200062-IAD

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 138ms
70ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15165
x-xss-protection: 0
server: cafe
etag: 6365998374961989006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 86ms
22ms Script
application/x-javascript 2600:141b:13::17d7:82d9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 23:25:22 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57790
accept-ranges: bytes
content-length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 71ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

504178d8f9ce2c6276178139240bf8a86bb59bf611230105aeebd05d09a6004f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26465
x-xss-protection: 0
pragma: public
x-fb-debug: AbsX3Lb7Hc41hqsgBG0+QRvnCzja1ey5jVYYMmJgYhrii6tqNHbOhGinN1iuP9M0soPsYbChib7ZXJfUYAQm3w==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ci_events.js Show response
d3htn85c6cao65.cloudfront.net/libraries/ 25 KB
25 KB 94ms
21ms Script
application/javascript 108.138.113.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5edc0a6a6d86fd6d723b61d5062a1a1e2bcf3b770cdb22d9ce5ec42ad963b6c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 00:36:31 GMT
Via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 May 2022 17:42:07 GMT
Server: AmazonS3
Age: 70611
ETag: "5ca4d237239a28fb75d956c308e14192"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: JFK50-P3
Accept-Ranges: bytes
Content-Length: 25261
X-Amz-Cf-Id: iMPAt23Bfj_pdXynOuuGY9ftOJ1IjksHYBCx4re2CXRHqS3dpQ-4DA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 84ms
42ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1bf879a3115ddb215eee5d6b1a485e36f14050a390cda9491811126e002e5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45593
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 113ms
43ms Script
application/javascript 2600:1400:d:485::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:485::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "2dda33348480d93c64a825f2616f03ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 17 KB
6 KB 119ms
26ms Script
application/javascript 104.77.9.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.9.133 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 05 Aug 2022 20:13:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 07:41:03 GMT
Server: AmazonS3
x-amz-request-id: GJAGH0PVFFPEHBC2
ETag: "a483ab54f15ef5b4755923baf02b68cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=344
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
x-amz-id-2: wkvQ6mAd0uCxGIxEoelCzs6jSTpSQIq80Zhc8maw89wya/jPF0i098wjHJdDVU53wVWe0yBiCAU=

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 98ms
45ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7821
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-cf-id: fJ71efSZkqu-LRq65UBWyUzpbR5P2adJtdGtKJ_bbHzBSwchjAVPaA==

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 149 KB
43 KB 126ms
31ms Script
application/javascript 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2dfbe6cc065a9c886a21d8844671f9511f12ceba4df247cd5cfae700701b570

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080520132135F92AA5E0FA58F50526
vary: Accept-Encoding
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba851c03bcfc30c677dc84a1740fb8b7fc330fc678bf47fe6c9a147efe341cd7abfe824729b817dcff501377578df4649611
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
x-akamai-request-id: a3c6e63
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 72ms
18ms Script
application/javascript 2600:9000:23ca:d400:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:d400:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 07:25:50 GMT
via: 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
age: 46052
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: JFK50-P2
accept-ranges: bytes
content-length: 747
x-amz-cf-id: 9dmdq9XtfuQa4lMIZA5QOW1DM0oeluaAJXAs9ebtrJMOUTrwsCmGZw==

GET
H2 200 tag Show response
t.jabmo.app/ 7 KB
8 KB 339ms
124ms Script
application/javascript 63.32.10.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.10.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-10-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4dc49a19c403757d93e641380b6324631fb222a6784d945d8f42a379c5c5d6ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-length: 7673
content-type: application/javascript;charset=UTF-8

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 147 KB
43 KB 86ms
32ms Script
application/javascript 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7OPARS02NEJ1K9SIUUG&lib=ttq
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 972e56b6d9bddf1dfeae52d4b4c897b6497c4c059f726249b96a8a4799c6e61e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208052013219DF428AB382939D76A62
vary: Accept-Encoding
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba8583b9420d9e1eee7c2afd5054549896035574fa433266eec7b4f63dd8c7c385f9b2a9f021eebaef535e0d63cede2a7bfe
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
x-akamai-request-id: a3c6e64
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 104ms
67ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5627812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a303d6ba92b9b5d22861b018f39d9e43065599b28ec4a3b5273734c45ba12fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41633
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56550/
Redirect Chain

https://mpp.mxptint.net/2/27791/?rnd=%n
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0Y0MjcwODI2X0ZFODRCRTg%3D
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_F4270826_FE84BE8&redir=https://aep.mxptint.net/sn.ashx?ak=1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_F4270826_FE84BE8&redir=https://aep.mxptint.net/sn.ashx
https://aep.mxptint.net/sn.ashx
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_F4270826_FE84BE8&_origin=1

0
131 B

26ms
25ms

Image
text/plain

3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_F4270826_FE84BE8&_origin=1

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_F4270826_FE84BE8&_origin=1
Date: Fri, 05 Aug 2022 20:13:21 GMT
Cache-Control: private
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 205
Strict-Transport-Security: max-age=-342717201; includeSubDomains
Content-Type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a5173ca8-93cc-432e-80bf-397a15d1c04c&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a5173ca8-93cc-432e-80bf-397a15d1c04c&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vrW.wLJE2uKHN4YDXcGziN44nfWoGhQ-~A&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTUxNzNjYTgtOTNjYy00MzJlLTgwYmYtMzk3YTE1ZDFjMDRj&gdpr=0&gdpr_consent=&ttd_tdid=a5173ca8-93cc-432e-80bf-397a1...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c&google_gid=CAESEDWtpg4EGO5OxJrKcoSkKck&google_cver=1
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Da5173ca8-93cc-432e-80bf-397a15d1c04c
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5526285292266926060&ttd_tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1

43 B
908 B

76ms
64ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 736231647c60a235-YYZ
pragma: no-cache
date: Fri, 05 Aug 2022 20:13:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OTKGw%2Bx3A305re7PhnmTNhsXrur8AaOjzvH27mXT0SayC2aNX%2FrAiVXyJmRYs5bkYzVva%2FTOwY8S8KQDuK4DZZd43qRrQd74JQqsdURdQpfSDu9FSPCa0y%2Fp2gZUcyVy5IGK9B7ZDzf8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNfnAtPsZn1fBda4duB%2FVgDsN4TJf0ylq8htxuc0fKESTwL6U7CQX%2FHePPzMVcP1k6raaigu8T3RqWwaGchoA0ke7c1wEvfsVZoAln2cledleH%2F8tZrS9nJaRkO5xRxReo%2Fra9p14bWuNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1
cache-control: no-cache
cf-ray: 736231640effa234-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 102ms
34ms XHR
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-66351416-1&cid=1473900862.1659730401&jid=1914864605&gjid=147159087&_gid=2140449538.1659730401&_u=YGBAiAABBAAAAE~&z=840658322

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Aug 2022 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
22ms Image
image/gif 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1839046539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&ul=en-us&de=UTF-8&dt=SickKids%20Foundation%20%7C%20Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=1914864605&gjid=147159087&cid=1473900862.1659730401&tid=UA-66351416-1&_gid=2140449538.1659730401&gtm=2wg830NJ4P25&z=243092743

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:45:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73694
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1659730401275%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1659730401275&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQI9Kw-1EBAALQAAAYJvpBnf73l8sisIXV...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114&_expected_cookie=2733183bb0662315954a18ac...

43 B
142 B

79ms
78ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114&_expected_cookie=2733183bb0662315954a18ace008a2e0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73623164eedba1da-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=9ade370c-fd09-4a15-a4ea-bde9985b4114&_expected_cookie=2733183bb0662315954a18ace008a2e0
date: Fri, 05 Aug 2022 20:13:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 736231648e5fa1da-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 adsct
t.co/i/ 43 B
337 B 130ms
41ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=2114cd10-b0b8-4cc9-833e-988122f83e3e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=2740d557-b15f-47cd-8c25-a2128aa3d482&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.26

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 05 Aug 2022 20:13:21 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 3cf47f823d5fe935fc67dd5b6ae209c2e07ba458fdbb0dfb4cd039a8c487a669
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 131ms
41ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2114cd10-b0b8-4cc9-833e-988122f83e3e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=2740d557-b15f-47cd-8c25-a2128aa3d482&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.26

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 05 Aug 2022 20:13:20 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 60a6aa64eb8ed1afd05bcd5f5d3391f4e456a46a965b685161d833127d041d3e
content-length: 43

GET
H3 200 250085185187976 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 43ms
22ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.71&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b34856ac1a650e37117d0bf1289a1008fd6cfa050226e173083358d963388a4c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86122
x-xss-protection: 0
pragma: public
x-fb-debug: AI44wB3h3VzgbKInj8GXASYlT61sDolwZLWh/PBMvN0fCoO03YY5sOhV/sh7/HKsX0tevKPz2A1/VbMsR2kbOA==
x-frame-options: DENY
date: Fri, 05 Aug 2022 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

callback=ci_events.pool_callback Show response
ad.crwdcntrl.net/5/c=12995/pe=y/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
https://bcp.crwdcntrl.net/5/ct=y/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback

166 B
402 B

97ms
34ms

Script
application/javascript

52.71.37.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Server: 52.71.37.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-37-99.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 284168cb2e2253b0929593454e37ab19224bb6999158b750983a645574f69c84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.36.21
content-type: application/javascript;charset=utf-8
content-length: 166
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
cache-control: no-cache
x-server: 10.40.37.253
content-length: 0
expires: 0

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
193 B 105ms
57ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=1da237a8-8122-4c02-9fcf-0aa6fde57222

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

bf73b3a52eb6d7a0034fe2d4059b8842ff7b3dd98e535ba6597239ad85302423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sickkidsfoundation.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google, 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
469 B 104ms
56ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=1da237a8-8122-4c02-9fcf-0aa6fde57222&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

76173e18853b7588c8073a15ad272aa302508bab48185240b1e4cff86fe2df8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sickkidsfoundation.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google, 1.1 google

GET
H2 200 main.c99cd143.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 38ms
37ms Script
application/javascript 2600:1400:d:485::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c99cd143.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:485::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "a05548af4f747ef476e354fcd30947ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18448
access-control-expose-headers: X-CDN

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame EBDE 672 B
852 B 100ms
70ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&_scsid=f2f210de-4538-4c9b-8ced-2e0d68c2994c&_sclid=d48af3c2-46a9-40fa-8e53-1b0a539215f9

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 20:13:21 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 93 B
449 B 219ms
27ms Fetch
application/json 104.77.9.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&advertiser_id=31041
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.9.133 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-9-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d59748ac8b110553b27b3d4b832934fe6371e329a9e09d3ecce02221f3fb33db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 20:13:21 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 93
Expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 313ms
45ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66351416-1&cid=1473900862.1659730401&jid=1914864605&_u=YGBAiAABBAAAAE~&z=1210405605

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 89ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66351416-1&cid=1473900862.1659730401&jid=1914864605&_u=YGBAiAABBAAAAE~&z=1210405605

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 2 KB
2 KB 95ms
43ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1659730401391&cv=9&fst=1659730401391&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c08928b43b494e2c39af88ed94c3e5ab393546ba52d8bf5b66d66fd4dafe803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/ 2 KB
1 KB 69ms
52ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/?random=1659730401393&cv=9&fst=1659730401393&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26eb748e49a7e6bee16c9c39b840ea1adc636378968e30758710b0c1a12dbe14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 2 KB
1 KB 52ms
49ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1659730401395&cv=9&fst=1659730401395&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5936571d06af1a93f93d3bd38199ed2fc23927e1e81cad6ee3ce2ef8545f92b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame BEAE 68 B
324 B 59ms
58ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: https://www.sickkidsfoundation.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Fri, 05 Aug 2022 20:13:21 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 modules.0e32ccb9bfd67090f5ca.js Show response
script.hotjar.com/ 249 KB
64 KB 73ms
21ms Script
application/javascript 108.139.47.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-15.jfk50.r.cloudfront.net

Software

Resource Hash

b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100514
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64991
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 16:17:15 GMT
etag: "1c50abd15784ee393d3fe4003e188eef"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: JFK50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: aXmFzOSZGvsITfH1lzP0mPR6MAkbtjcQHkz6aeHI7i7t5J-LU6bzBQ==

GET
H2 200 / Show response
c212.net/c/etag/ 384 B
856 B 83ms
33ms Script
text/html 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1&e1=1
Requested by: Host: cdn.c212.net
URL: https://cdn.c212.net/c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: 83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-language: en-CA
server-timing: intid;desc=9146d155d4c5f02b
content-type: text/html;charset=iso-8859-1
content-length: 384
x-amz-cf-id: SqpDfEVA2qck9iVgge8fUlUiDzc0JxkeD9_uUhbSfCk43ZztxmciBw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.71&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d395a7fd0d97d09dbf41ce1c0792b4297c0c3655db31c0f1da1df5bcdf7c8a4c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85903
x-xss-protection: 0
pragma: public
x-fb-debug: H4j4pSr9DER+olm0kABGoEH6s5Nv7Vxf46zy4HqW33m1own5NIIr3U4lXDrpL9r65YdDxDvyN6/KHU1Ugif8HQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 88ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1659730401424&sw=1600&sh=1200&v=2.9.71&r=stable&ec=0&o=30&fbp=fb.1.1659730401423.1294009924&it=1659730401293&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 37ms
36ms Script
application/javascript 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 7c904ac.a3c6ea9
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 17,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=9, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022080520132184D0D9537F004DF18A01
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.134
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f922e97b263572098e66da5e2cf3666729e1a067546be9cdb725cea1484eaa97a27b0dcfdab6f53d33d6b962935be4a491a68e1aa3acda3c2ab380e19395c2d3f26
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
543 B 37ms
36ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208052013219DF428AB382939D76A82
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba8573b080b302a7a75cc6ce2460d8f463e37276319634242fac3ddb3d7b5971695a75434032cea8d4338d95333fb5e3af52
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
x-akamai-request-id: a3c6ec7
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
541 B 43ms
43ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080520132191E2AA28A19C58D7EC96
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba859bfc414dec8c246f341e8be2e74241efba5e695a1871be4d9c2e38c4166bf0ab330ceec50f6aee0683611225c3c3fc47
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=3, origin; dur=18
x-akamai-request-id: a3c6ec8
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
684 B 48ms
48ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cd985f.a3c6ecb
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 22,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202208052013218567DCA1CE43FDF9FCDB
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.137
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f92adcb9074ecc314a820bb048ce8cbf2a84f6b413dcc055a331be891b6ca2fc4cde00acf50592b490b8bbcb78d533f2c86a3eb9c806e68fb8e6e030b639bba2e2f
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
684 B 45ms
45ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2694a04.a3c6ecc
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache-remote: TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 17,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220805201321B79A653FD39B6BD5488A
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.150
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f9214077b3ac1a8a5a1046f2e0fff3e8753b546e0677b365edd52bdc5dbdbe7c00f07a282de09fe6a5c670fcacd3b9b9a47ca1e105a3212fddeb5564084f716740d
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
544 B 92ms
92ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220805201321F369A0C840A958D91AC2
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 63,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba857a6a0c9a74e37f52240df5534e260dfe536e32729c989f317fc938e1eeb9dbbbce76463bbaaa580defe8692520cfe6dc
server-timing: inner; dur=47, cdn-cache; desc=MISS, edge; dur=2, origin; dur=63
x-akamai-request-id: a3c6ece
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
543 B 55ms
55ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080520132135F92AA5E0FA58F50542
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba85280ad8fdb4841ff35780b71d3983dfda145f1483a47dec41a8709041627a3c1cafb369688ecef92236448d2344f65678
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
x-akamai-request-id: a3c6ed1
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 902 B
1 KB 56ms
55ms Script
application/javascript 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7OPARS02NEJ1K9SIUUG&hostname=www.sickkidsfoundation.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fe815d5343e0ce079c6b1c5cec27cc7bd12669b374f11c0477349d73e417599c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: a3c6ed3
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
content-length: 372
pragma: no-cache
server: nginx
x-tt-logid: 2022080520132191E2AA28A19C58D7EC9D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba85cca6253e3f1ad8ecfa40b28387f90542e767c848a1aff06e8b911858103496750ebfd10877f4506e4e07e6e635436bda
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 55ms
54ms Script
application/javascript 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BTD7IIOQDRQCQF14MJL0&hostname=www.sickkidsfoundation.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dca58500f438ec6575ea685c3c62c79448f6e450335ffce71db418169a897e13

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 24546eb.a3c6ed6
date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 13,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=5, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220805201321D9168B2016C0B6D640FC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.155
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f9255a4f497ae5bfc35bad5a2cf1f4bad83aca883b192c9744e063f67f303efe896690fa9082f7487a2c8bb6c1268c711acc27799c5800a8e8cedbb24bea0eed2eb
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
544 B 88ms
88ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208052013219DF428AB382939D76A90
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba8573b080b302a7a75cc6ce2460d8f463e37276319634242fac3ddb3d7b5971695a0f109b8cfdd8c9c34b73a39b5a6fa80d
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=44
x-akamai-request-id: a3c6ed8
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
543 B 88ms
88ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220805201321A3259C747BD480FCF3F9
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba85d3fb3cb57a539ef5b484afd16093e8422b6c391103e466cec134ffce388c192a1676fde708afda27d6fdb4d1dc512fea
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=2, origin; dur=41
x-akamai-request-id: a3c6edb
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 0B02 490 B
853 B 91ms
41ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Requested by

Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a49269a2f8ab7309ca84625b07bcbb03bf6aec02c1b21d57cf9459b4220f73db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5627812.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 384
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 484 B
841 B 173ms
58ms XHR
application/json 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1659730401503

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c99cd143.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

0a00d5c9c8368a6afbac094dbaa312c0f75fe445f57aeb23bcda10a34c058698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8a19df17.1659730401.1002bb91
x-envoy-upstream-service-time: 2
x-pinterest-rid: 6216667703188459
pin-unauth: dWlkPU56RXhNV1ZrWkRVdFpUVXdNeTAwWkdFeExXRXlNMkl0WlRaaU56Vm1abVE0WWpJMw
access-control-allow-origin: https://www.sickkidsfoundation.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 351
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame D483 2 KB
1 KB 66ms
16ms Document
text/html 13.226.39.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-89.ewr53.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 368714
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 a5bdbdd1958d4d023b03427095a0a97a.cloudfront.net (CloudFront)
x-amz-cf-id: IfwOeYl0w6DsDYr0tpg01a5eU1rV-AQ3r_m3Aqg44aXGemttkcAdVA==
x-amz-cf-pop: EWR53-C2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 162ms
73ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659730401529

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8a19df17.1659730401.1002bbba
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 7026451919526288
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 126ms
87ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659730401529

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8a19df17.1659730401.1002bbd8
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 2885005678516087
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 47ms
47ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 24547dd.a3c6eea
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 25,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=15, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202208052013210505658CB75DBD01A314
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.220.104.155
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f9255a4f497ae5bfc35bad5a2cf1f4bad8337c88f229146c89a82176021172eb5f66ca6c6bf3d96ad388989d0899c6bd27a6070affbb6b160ecd6c1cdf7a3e8d497
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
541 B 40ms
40ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080520132191E2AA28A19C58D7ECA8
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba856317d0e08a4e62899c40dc3691fa3a6a4c8938e1ec11b0506bed7c8f38560c7cd52fa7aa573e280cc252719800905323
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=19
x-akamai-request-id: a3c6eef
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame EBDE 22 KB
8 KB 20ms
19ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&_scsid=f2f210de-4538-4c9b-8ced-2e0d68c2994c&_sclid=d48af3c2-46a9-40fa-8e53-1b0a539215f9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 06:50:36 GMT
content-encoding: gzip
server: CloudFront
age: 48165
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: JFK50-P3
access-control-allow-headers: Content-Type
content-length: 7821
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-cf-id: PbqFl321RQnfL66ho8f0HB9TBOxL664D502SXiY_rlZxtKKvaoJk5A==

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 19ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1659730401561&sw=1600&sh=1200&v=2.9.71&r=stable&ec=0&o=30&fbp=fb.1.1659730401423.1294009924&it=1659730401293&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
548 B 97ms
40ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1659730401391&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=2291991942&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1036497480/ 42 B
64 B 81ms
40ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1036497480/?random=1659730401391&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=2291991942&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
108 B 88ms
42ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1659730401395&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=4292764016&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/880455918/ 42 B
64 B 83ms
43ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/880455918/?random=1659730401395&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=4292764016&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/711607319/ 42 B
108 B 70ms
41ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/711607319/?random=1659730401393&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=1379564635&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/711607319/ 42 B
64 B 78ms
39ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/711607319/?random=1659730401393&cv=9&fst=1659729600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg830&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&is_vtc=1&random=1379564635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
683 B 40ms
40ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7c90e85.a3c6f03
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache-remote: TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 20,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=12, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022080520132190C0F2131EC675E32A8D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.134
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f922e97b263572098e66da5e2cf3666729e82c5a30822e1feb53e2a2336c93945aca8b8146416a656a26697fc07b5190b0f912c134cba747000fee2e6874c34a0d2
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
684 B 48ms
47ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cd9dc8.a3c6f04
date: Fri, 05 Aug 2022 20:13:21 GMT
x-cache-remote: TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 26,184.51.149.4
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220805201321DA16BA242CFF30D43489
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.104.137
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f49dddfa4612005cdece9cc7ec2ed77f92adcb9074ecc314a820bb048ce8cbf2a8a23468fd9ea832d2087c3133b78493ca89ae260df46147c6b7088e27997b3c27ee794b06ebe2f143f83d28ffe9452496
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
543 B 43ms
39ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080520132191E2AA28A19C58D7ECB1
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba8573b080b302a7a75cc6ce2460d8f463e37276319634242fac3ddb3d7b5971695a89ce5219f2cc9f8aa71f77455d365b21
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=22
x-akamai-request-id: a3c6f08
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
545 B 93ms
93ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220805201321F369A0C840A958D91AD9
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 73,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba85c54dddd6905110abf1b02a2adff43f8248ba657e9213b4dc6677554a7e576ff4e4efd09108e3bc5e369e8af56a047862
server-timing: inner; dur=63, cdn-cache; desc=MISS, edge; dur=0, origin; dur=73
x-akamai-request-id: a3c6f0d
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
545 B 89ms
89ms Ping
application/octet-stream 184.51.149.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.149.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-149-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220805201321A3259C747BD480FCF409
x-cache: TCP_MISS from a184-51-149-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 68,184.51.149.4
x-tt-trace-host: 01c46ea8ae7269cf4d3136b37cd08657f47b246efd8e793473805ada5cc0e2ba8564ad7f3271126dfd780a988a54f848a7e10850b16def741393049214c1cf56d096a75a35298507e81675fca612ab5cfb
server-timing: inner; dur=56, cdn-cache; desc=MISS, edge; dur=1, origin; dur=68
x-akamai-request-id: a3c6f0f
content-length: 0
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 2 KB
2 KB 91ms
29ms Script
text/javascript 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Requested by: Host: c212.net
URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1&e1=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x8 config:1.0.0 /
Resource Hash: b52e447ceb07898e04bd67b1a35269ca646c9cd7911dd5c3278435d9b5e09464

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1570
Expires: Fri, 05 Aug 2022 20:13:20 GMT

GET
H3

200

dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F Show response
5627812.fls.doubleclick.net/ddm/fls/r/ Frame 4749
Redirect Chain

https://adservice.google.ca/ddm/fls/i/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkids...
https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww....

1 KB
735 B

40ms
39ms

Document
text/html

142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

c6d25b91190cf44322848bd6d1af4d295f4f48e1fcb6bf2f56c6df37a8680284

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 712
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Fri, 05 Aug 2022 20:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 136ms
53ms Image
image/gif 23.205.73.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.4_dee72da&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&cohort_id=SickKids%20Foundation%20%7C%20Donate
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.73.204 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-73-204.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame CF96
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1659730401646&_scsid=e1ed5950-6971-4429-ad6d-b993efd7d415&_sclid=8b87f5aa-2c41-4201-b6f0-e84635146de4
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1659716289680%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1659716289680%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1659716289680&pnid=140&pcid=ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca

0
18 B

70ms
70ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1659716289680&pnid=140&pcid=ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Fri, 05 Aug 2022 20:13:22 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Aug 2022 20:13:22 GMT
location: https://tr.snapchat.com/cm/p?rand=1659716289680&pnid=140&pcid=ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK getuidp Show response
secure.adnxs.com/ 31 B
707 B 69ms
23ms Script
application/javascript 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidp?callback=jabmo_uid_callback

Requested by

Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e6d9b490bde45d14a4f88a44e74bd6043a7cad3239acc7fbebbf4be122ef308a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 20:13:21 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3cd32c8f-64d7-4552-93df-ce62b4766966
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 31
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 snowplow-javascript-tracker-3.5.0.js Show response
d22d1xpx4ztuef.cloudfront.net/ 73 KB
73 KB 79ms
20ms Script
application/javascript 2600:9000:2140:8600:a:ac8:89c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22d1xpx4ztuef.cloudfront.net/snowplow-javascript-tracker-3.5.0.js
Requested by: Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:8600:a:ac8:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf87e574d8b2927a82170f0d6dbca56e1bd9268a74df333fd342fc6cf7eac76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 11:16:07 GMT
via: 1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
last-modified: Fri, 01 Jul 2022 07:58:23 GMT
server: AmazonS3
age: 32235
etag: "0d8a2099757b4ba87b9c554b37b7a035"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 74309
x-amz-cf-id: KzcysUxkebXbKf0g97a5Nh2vyrU2MpNTdaPTZ2KF1dk3wMJHAKtC7A==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/302599/ 147 B
322 B 351ms
105ms XHR
application/json 34.251.112.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/302599/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.112.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-112-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 302599 Show response
vc.hotjar.io/sessions/ 0
258 B 180ms
83ms XHR
text/plain 108.139.29.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/302599?s=0.25&r=0.13232928237776975
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-40.jfk50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
via: 1.1 9e2ddd398256c10ffc55c184e0cf83b6.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: bp_zvtRekJY6WEhSXmdE9OfqOcVxr_Cul54OZb_9VL0-iwQPBkxRrQ==

GET
H/1.1 200
OK app_open Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 2 B
572 B 112ms
48ms XHR
text/html 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/app_open?pool_uuid=6734126025a7260601b3c8a0d513d7bf&pool_region=c067baed90058f4caf2aaf15ece497f8&ci_js_uuid=43b00c4c-b138-4700-919d-44adb62a8013&cb=1659730401726
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 10784Monthly-LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 145 B
537 B 116ms
51ms XHR
text/html 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/10784Monthly-LP-Retargeting?pool_uuid=6734126025a7260601b3c8a0d513d7bf&pool_region=c067baed90058f4caf2aaf15ece497f8&ci_js_uuid=43b00c4c-b138-4700-919d-44adb62a8013&cb=1659730401726
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: eb651673d966f77afdabf0f28889227a8ba3ee4e8ddcf38341a031cdbf62a6b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 10783--LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/ 2 B
393 B 112ms
48ms XHR
text/html 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/10783--LP-Retargeting?pool_uuid=6734126025a7260601b3c8a0d513d7bf&pool_region=c067baed90058f4caf2aaf15ece497f8&ci_js_uuid=43b00c4c-b138-4700-919d-44adb62a8013&cb=1659730401726
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 3487 3 KB
1 KB 260ms
259ms Document
text/html 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x30 config:1.0.0 /
Resource Hash: 3947ffbc5074de7604c42155769b0944fec992e82c920712246031a692e6326e

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 941
Content-Type: text/html
Date: Fri, 05 Aug 2022 20:13:22 GMT
Expires: Fri, 05 Aug 2022 20:13:21 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master iad-pixel-x30 config:1.0.0
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
524 B 65ms
29ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x3 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Aug 2022 20:13:20 GMT

OPTIONS
H2 200 tp2
c.jabmo.app/com.snowplowanalytics.snowplow/ Frame 0
0 316ms
98ms Preflight 34.248.70.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jabmo.app/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.70.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-70-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sickkidsfoundation.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-max-age: 5
content-length: 0
date: Fri, 05 Aug 2022 20:13:22 GMT
server: nginx

POST
H2 200 tp2 Show response
c.jabmo.app/com.snowplowanalytics.snowplow/ 2 B
328 B 425ms
230ms XHR
text/plain 34.248.70.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jabmo.app/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d22d1xpx4ztuef.cloudfront.net
URL: https://d22d1xpx4ztuef.cloudfront.net/snowplow-javascript-tracker-3.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.70.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-70-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sickkidsfoundation.com
date: Fri, 05 Aug 2022 20:13:22 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK / Show response
api.ipify.org/ 14 B
251 B 109ms
26ms XHR
text/plain 3.220.57.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-57-224.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 2c381d93603f3780affb837e00934d0b7a3f82e655e99b5be3b6d30c24cd382d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:21 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Connection: keep-alive
Content-Length: 14

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4749
Redirect Chain

https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:iug12rh&fmt=3
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1

43 B
947 B

82ms
61ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 736231647c68a235-YYZ
pragma: no-cache
date: Fri, 05 Aug 2022 20:13:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF%2FVLHHOOGrx7rrjK0X1H2JqVQuYMlRKz6yGWomLcHQ6%2FL7aWpJWE%2BA%2FL1bsX58jSEe3jkaNOjRAQ42VrV%2FgdVRoufmObhxNnJpRGgX2sxL3wCzRuSfoEbNQ%2FpmFnzg32i7BABaXkyYZlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbkNjvrqaIU7ZCfSXDlIi2AAbQ0UGzIXD3v8B3bl9eOhKoHwPJ9UBLwbY3chxKHCEWN1MV9tZlJeu9%2BAG713XpoEuFlFZGNIfV3JuE%2FZk2QcKIqf5hzFz4REWFW%2Fc8PwzWSlNrEVX0uhmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=39&external_user_id=a5173ca8-93cc-432e-80bf-397a15d1c04c&expiration=1662322401&gdpr=0&gdpr_consent=&C=1
cache-control: no-cache
cf-ray: 736231640efda234-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 / Show response
d.agkn.com/iframe/8301/ Frame FBF2 343 B
902 B 94ms
39ms Document
text/html 2600:9000:2349:4000:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8301/?che=828170446&type=3888903
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2349:4000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 521cee3884da643fafcf11d44f1599abb166cfc20c730385e4cd273b7fedab92

Request headers

Referer: https://5627812.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 343
content-type: text/html;charset=UTF-8
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 792fd72f7da1e5732d6b6173dea66aa8.cloudfront.net (CloudFront)
x-amz-cf-id: DagbpsxiHqbKJRLBu4fvVU9n0qSYDY99ljwbokw1ry7QwV0F9I-bRw==
x-amz-cf-pop: YTO50-P1
x-cache: Miss from cloudfront

GET
H2 200 / Show response
d.agkn.com/iframe/8300/ Frame 5AB6 223 B
775 B 91ms
38ms Document
text/html 2600:9000:2349:4000:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8300/?che=828170446&type=3888903
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2349:4000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935

Request headers

Referer: https://5627812.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 223
content-type: text/html;charset=UTF-8
date: Fri, 05 Aug 2022 20:13:21 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 792fd72f7da1e5732d6b6173dea66aa8.cloudfront.net (CloudFront)
x-amz-cf-id: _GrZ3L1d-NOvv4dGrAq81YsmWO_lxkoySpLmvVUkWnwnI7fX5KLPFw==
x-amz-cf-pop: YTO50-P1
x-cache: Miss from cloudfront

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4749 99 KB
26 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/ddm/fls/r/dc_pre=CLql9sfBsPkCFfAKaAgddZEOtQ;src=5627812;type=sickk0;cat=sickk0;ord=4137422941129;gtm=2wg830;auiddc=2099963878.1659730401;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

504178d8f9ce2c6276178139240bf8a86bb59bf611230105aeebd05d09a6004f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26465
x-xss-protection: 0
pragma: public
x-fb-debug: AbsX3Lb7Hc41hqsgBG0+QRvnCzja1ey5jVYYMmJgYhrii6tqNHbOhGinN1iuP9M0soPsYbChib7ZXJfUYAQm3w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
63 B

82ms
41ms

Image
image/gif

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CPnimsjBsPkCFUM8wQodYcwDkA;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ Frame 4749 293 KB
84 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.71&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d395a7fd0d97d09dbf41ce1c0792b4297c0c3655db31c0f1da1df5bcdf7c8a4c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85903
x-xss-protection: 0
pragma: public
x-fb-debug: H4j4pSr9DER+olm0kABGoEH6s5Nv7Vxf46zy4HqW33m1own5NIIr3U4lXDrpL9r65YdDxDvyN6/KHU1Ugif8HQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 05 Aug 2022 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4749 44 B
91 B 40ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLql9sfBsPkCFfAKaAgddZEOtQ%3Bsrc%3D5627812%3Btype%3Dsickk0%3Bcat%3Dsickk0%3Bord%3D4137422941129%3Bgtm%3D2wg830%3Bauiddc%3D2099963878.1659730401%3B~oref%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1659730401900&sw=1600&sh=1200&v=2.9.71&r=stable&ec=0&o=30&it=1659730401861&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2 204 adjabmo
t.jabmo.app/ 0
138 B 100ms
99ms Image
text/plain 63.32.10.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.jabmo.app/adjabmo?ai=0&ip=149.56.153.189&sid=2922&spduid=47765edb-a0c7-48fb-be6d-620583e1963e
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.10.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-10-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1659730401927&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22I%27ve%20joined%20the%20fight!%22%2C%22og%3Adescription%22%3A%22Join%20us.%20Make%20a%20gift%20with%20a%20lasting%20impact%20by%20becoming%20a%20SickKids%20monthly%20donor%20today.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Ffall-2019%2F1019030-i-donated-post-image.ashx%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.71&r=stable&ec=1&o=30&fbp=fb.1.1659730401423.1294009924&it=1659730401293&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame FBF2
Redirect Chain

https://aa.agkn.com/adscores/ra.pixel?sid=9212273008
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c

43 B
679 B

30ms
30ms

Image
image/gif

108.138.128.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8301/?che=828170446&type=3888903
Protocol: H2
Server: 108.138.128.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-21.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:22 GMT
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: srdXudVnmmCCfsNy5PF6cCIa7DPLr7p4eEiSLgD1MMZ9G9mrGaIR1A==
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 20:13:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=a5173ca8-93cc-432e-80bf-397a15d1c04c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 217

POST
H2 200 content Show response
ws14.hotjar.com/api/v2/sites/302599/recordings/ 66 B
262 B 4222ms
852ms XHR
application/json 52.19.194.187

General

Check archive.org

Show headers Download Go to

Full URL: https://ws14.hotjar.com/api/v2/sites/302599/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.194.187 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3830375501e9e43af706521915177d16f924dda09e795ce2e61e2b78472cd986

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 05 Aug 2022 20:13:26 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 3487 43 B
517 B 40ms
39ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=510857&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x16 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:22 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 3487 43 B
524 B 32ms
32ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x4 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:22 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Aug 2022 20:13:21 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1659730402063&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22I%27ve%20joined%20the%20fight!%22%2C%22og%3Adescription%22%3A%22Join%20us.%20Make%20a%20gift%20with%20a%20lasting%20impact%20by%20becoming%20a%20SickKids%20monthly%20donor%20today.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Ffall-2019%2F1019030-i-donated-post-image.ashx%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.71&r=stable&ec=1&o=30&fbp=fb.1.1659730401423.1294009924&it=1659730401293&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 05 Aug 2022 20:13:22 GMT

GET
H2 200 sync
c212.net/c/ Frame 3487 0
260 B 40ms
39ms Image
text/plain 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c212.net/c/sync?u=&c=US&dmpId=1&pid=970762ed-79e1-4100-8116-ef342c9bc5e2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:23 GMT
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
server-timing: intid;desc=ba50fdba44ccbe5d
content-length: 0
x-amz-cf-id: TTY0xMwkbB096dPjdE_kUXGBvmTCIi2WGqbOH4eyZLmxePMO7hIoSw==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 3487 43 B
516 B 38ms
37ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=953346&check=970762ed-79e1-4100-8116-ef342c9bc5e2&mop_top=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master iad-pixel-x3 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=970762ed-79e1-4100-8116-ef342c9bc5e2&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 20:13:23 GMT
Server: MT3 4475 c1dc35a master iad-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 05 Aug 2022 20:13:22 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4749 44 B
88 B 19ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2F5627812.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLql9sfBsPkCFfAKaAgddZEOtQ%3Bsrc%3D5627812%3Btype%3Dsickk0%3Bcat%3Dsickk0%3Bord%3D4137422941129%3Bgtm%3D2wg830%3Bauiddc%3D2099963878.1659730401%3B~oref%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1659730403404&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.71&r=stable&ec=1&o=30&it=1659730401861&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 20:13:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 05 Aug 2022 20:13:23 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:03:36	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
c212.net/c	1970-01-20 09:28:34	Name: c Value: 0%3Af9e2300%3A78548b1a%3A62ed79e1%3A4447
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: shell#lang Value: en
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: svd2skyv1rq4y1zfkd451tcw
.sickkidsfoundation.com/	1970-01-20 13:46:56	Name: visid_incap_901569 Value: uMgRMbBHRqevQTnUKJjEhOB57WIAAAAAQUIPAAAAAAAQnBrIpyKijM5DNYvdAtk6
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: incap_ses_1316_901569 Value: c10mdK06DkS5I7vchF9DEuB57WIAAAAAHeIKkUTgS7+6vrE2lHygOg==
www.sickkidsfoundation.com/	1970-01-20 05:02:10	Name: ___utmvc Value: YPDJs9CL9mJVcQE600kTF9oRtEfxdlaP7tI39i1/xh45IjI5+x/NtGtDxBeE7P52RLJXlGlZVj2CkhOPmEgu+Qsvb4EnFHGcB/XRKoXJzUm+T6jdb2oRNN0nPTVmHjSKMbbYSwoKmSaqJIckzZS8IO2uuIZQBsBIvhwK68XFY1DezaBWZc9JeHEOkbg4cmPyi3c2xLpNz37DvMXUcXb8q+1dg0T/5OkcR1UL1sgz0688zR2ji1LjP3dWvunJdG0gmn6Sex4LVZUdZD0d9D/BfKYl0LtEFJX3ldHNA0IXa97o3Rz5psebwfBM+uLfMe8DdvGSjm1qv43iWvTdLCJLPpWVJJg4Pi7UOA238Gwrr+HvU4y03sImW9+g+zzCkDNAnoIfqTbtXYKBlwoqEKFST9cQoJFoBNSj3wvJTW0bj0qwIm/i/yTZIr9UnlPcbsBrcHcKSKXnt9vNcoSNdTJ01cQY0hyIzyN5Nh6kPdGetv784qyuG9XZyOUG4wDY5V24W2UZ0mBRj7adBoNLDKPjrB2AKw6QMrZ7Fpt2ZUuZ9CE6JehJEs28B/d0epERW6l2k+pHgs89W/FA3QiL6yOEvywV2CILO2q37umzTzdar+odrAUoHVfndSKlLLhyLC5GWpuz3+Aai7ad1hEUZvYBXQcFtFMyWCAyGeDcMXYFkMgpzsbN/HtaML+E3RnNqyr4BvUV8I79NgMyHfqJLHtDdsp+HKZR5nY5elErrDSolGOMA9rUhi1LY26EklDP80z3rz2pDmg/pd7COKnNLQ5TJ6UulOFTUTsnj6iYUNEeHEq54m21K8CUykIwHpZKgbphuM2RZbgoW5FW2gBwKs76WY2V2k3BoaA4zA24uvTPJYPn/FQyt93TH4hukzRz9FptP+T6wNdPoVeStRdxKbTivxqBqxARKmKpoFqGeXI1UWYB6fzqZ/DAxcVRwAZ5zeNTUG7P00HJ5AgLRzcHqZB8UauNSdDyUwDCoF1OGF6HMmqW/vnFFs2DwSjgwkp7n3ieVgjGdJnHC9Zd5nYNx0y+QJL+hYdCwWo0DnHy9nrc+vWNZQ0f/TGlQom99QQBldhkn6h+6bmCC8n87RfF+vHBQvwLrJJOuW8ATG1Ip4mkBL/l2bTBGqeWyjdZjGgESbT/P7NVBvL8TfoU7rDTzqEIhpGrc2517pxFSphIK96ImVLZw2y0WSdDix2k88B3r/NQpM41KnAgYTK1EN/Tb7WPMXqDIkSx3G6pFkdwAH6f4GTkKDWVsup07RVICTp/azUzKU0e0y6goUdlKQX4NpSBub3bNX3Q8zih6HdNYdC9githeoS4ySZKQwIdrSJ7F5917Z85zkWPiLNa9gE1XVRZ5TAuTBlTqCeYfyRyYv0MgR//ZLeX7mXzCNtG5hjOkKAkpzoQJACfnFJS42LkQH2op5hITSHmx3jV+vJu+SSjrnJN8dZCxRTfs8uzDBwFIQZfZvD8B1c67i+kcosxzY+b3jWfCKJugHD8EfrZRJEHW8XEI4fVlwRUSefmRbmGhrqfs6t0EFvam35esWWRAuGdbhgL/R1sHe4czeZ04oxRQa9rYNKVZngN6M3GKj5xYGPBl3cwfgOed6rD8TrIfNa1cDXAcVIIZGnY/ErxJWQcSDzJspb7R8otpEfLrI0rKdiMtevNy4w5MDd8Exmn4nWf+fB6FpUGor7JRRMiQOK3KEZ28b5pC7CfWGjRXcBMOZ/OT2+LIyyg5iZ/XmOJZs6Dfu7oVO6MljbhCXUSbJ3/kyL38MlI+eeFQxXVBENXtqONzgUtHyQ54tcprU3tXwMwTR3rWrDxs6j2OEipNfaFF47QwA3iD9NOxa14MM14sUZiVFYyePv53HkK/i78E2ZxiSAm5AUAw8+5LiVvJ4xjzpVAtsieEwB8O6Q1lIO7x/RUV8B/hQHiJ56bCmfoQTG9eQa99jqnjL/N5rMpgx8NcOBdd0c36g8r6FUsWF/eik/L3pXXVxwg4Q3GU6uct5e4ccTRsogd+xRS9GNeiVmt4ay13GOFT+4wsCi7nX42GizIuOv8Ovmz4wvAYC8b+mo7v5N6Z8+EZW6bhTcFkDkLey79Yg+RjIZ0GZfY9xTsm867AhcobN7PmEjsVB3knbVUKiUT1zG9IlKGAMvTBDbiA2YTYUKnkLb1Cc67hrMSRC0qoTfu18khE4jq6ysCpWya9Sekx0wTfvoN3TqhM8mESJzaRQNity0LV5sTH3sp5357Eoc6mXbwL69MCIHx9n1zJlse4XS58Z59Oz7SBQbHlmQMVRf9uDty8GRfATOJwx0q9Xz95IrNSPNTYSIY/fjqPGMfQOjq1aS3Iy73YsUslq2xZdPPxPYJDuun5Y2MUPmIwEa+xZu/hdQ3JX2hsqsgVeNccw5rSOSC3xtPq90ZvOXio1AxMJlkkJmzEs7eJkXGPq9cAOpTGoiNJu6O/4ibrutg57Mf8lD5F4VtrF56Sh2uuwtbLCvhE127WJjO03QNA+oLhSOdyqY8OSIeLdFIooh5gv6aMI+7fzYDbtgcUzu5oFKOi9z2SssGcN/X2fv8W6cOIm+zlO3cb63KbXGqta4I1PDR2TuxxTDicArEM3LENbrQnxfpge6ewEXVoRKc/VdD0iVViyXmpqk3PdjXhZZAOYZzjaCEASzoxeG9qHR2RJKfFuLPbYRE4DXedrwYLGRpZ2VzdD0xODMxNDIscz05NGFiYWQ2NDc1YTc3NGFlODg5YTk3YTE3OTcwOTg3OWFjNjk3ODlkOWI3YjY5OTg3OTkxYTQ4MjdlODc4NWFhYWNhOTg4Njg5NTlmNzA2ZQ==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GiqXvxs1jdc
.youtube.com/	1970-01-20 09:21:22	Name: VISITOR_INFO1_LIVE Value: ARqGPPqurSI
.bing.com/	1970-01-20 14:23:46	Name: MUID Value: 22F15C8D53F86A3B175C4D7A52526BB9
.bat.bing.com/	1970-01-20 05:12:15	Name: MR Value: 0
.sickkidsfoundation.com/	1970-01-20 05:03:36	Name: _uetsid Value: 0d4e4f4014fb11edb5228518feeed97f
.sickkidsfoundation.com/	1970-01-20 14:23:46	Name: _uetvid Value: 0d4e846014fb11edb3432775e50e2e07
.sickkidsfoundation.com/	1970-01-20 07:11:46	Name: _gcl_au Value: 1.1.2099963878.1659730401
.sickkidsfoundation.com/	1970-01-20 14:38:10	Name: _ga Value: GA1.2.1473900862.1659730401
.sickkidsfoundation.com/	1970-01-20 05:03:36	Name: _gid Value: GA1.2.2140449538.1659730401
.sickkidsfoundation.com/	1970-01-20 05:02:10	Name: _dc_gtm_UA-66351416-1 Value: 1
.adsrvr.org/	1970-01-20 13:47:46	Name: TDID Value: a5173ca8-93cc-432e-80bf-397a15d1c04c
.sickkidsfoundation.com/	1970-01-20 14:31:57	Name: _scid Value: 78f481d1-bdc3-4cd2-ac82-ef7da80316e8
.sickkidsfoundation.com/	1970-01-20 07:11:46	Name: _fbp Value: fb.1.1659730401423.1294009924
.linkedin.com/	1970-01-20 07:11:46	Name: li_sugr Value: 9ade370c-fd09-4a15-a4ea-bde9985b4114
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 13:47:46	Name: bcookie Value: "v=2&b32c3e9b-58e2-4db6-80e6-fabecddd3a6c"
.linkedin.com/	1970-01-20 05:03:36	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2843:u=1:x=1:i=1659730401:t=1659816801:v=2:sig=AQGgR1DZ1prCV88d4TGCWognRJVjbpUL"
.t.co/	1970-01-20 14:38:10	Name: muc_ads Value: f38a5e74-f400-4179-b9b8-35ce78b02d7e
.twitter.com/	1970-01-20 14:38:10	Name: personalization_id Value: "v1_owdq0mAODg6VoQ7mNTfSng=="
.yahoo.com/	1970-01-20 13:48:08	Name: A3 Value: d=AQABBOF57WICEHgb3bKRjpg-atYtm-4kGbIFEgEBAQHL7mL3YgAAAAAA_eMAAA&S=AQAAAiGQPs6ZFq0W5hvLiDGLqmA
.doubleclick.net/	1970-01-20 14:38:10	Name: IDE Value: AHWqTUnwuaoeSj2reExlux6H_gbC7Y6PN4WM9l_cixEHf6KTzNNPFVB834xPptub
.tiktok.com/	1970-01-20 14:23:46	Name: _ttp Value: 2Cx3RevYJyYwJM5yeC50BTkEljG
.sickkidsfoundation.com/	1970-01-20 14:23:46	Name: _tt_enable_cookie Value: 1
.sickkidsfoundation.com/	1970-01-20 14:23:46	Name: _ttp Value: 1035b6f2-02fe-419f-958b-b39af566958d
.linkedin.com/	1970-01-20 05:45:22	Name: UserMatchHistory Value: AQJBfZi39JHyBAAAAYJvpBkNQYnxUx18DiBqtucGPzvBdFGP_VUZZFKvpye2bHIGv5W1O2ERG7RGiw
.linkedin.com/	1970-01-20 05:45:22	Name: AnalyticsSyncHistory Value: AQJyo1x12ycAlgAAAYJvpBkNH1SvkUxvKDQIfa9AFoeAcDkRrx-T80C-2zoZREdHc2N0Q4SO1yltATUtPzqYWA
.crwdcntrl.net/	1970-01-20 11:30:57	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 11:30:57	Name: _cc_id Value: 6734126025a7260601b3c8a0d513d7bf
.crwdcntrl.net/	1970-01-20 11:30:58	Name: _cc_cc Value: "ACZ4XmNQMDM3NjE0MjMwMk00B1JmBoZJxskWiQYppobGKeZJaQxAkPS28iGIhgCeJy8%2B6jIeTmX4z8jIsOlPIYz5bPEcFhj73NFDzDD2941T4OK7910WgIkfRlK%2Fev1Tbpj42s8P9WDsySfUYcx3SxDG9yKEAVrWPw8%3D"
.crwdcntrl.net/	1970-01-20 11:30:58	Name: _cc_aud Value: "ABR4XmNgYGBIelv5EEhBACMDW%2FoCIBMAOCMDuA%3D%3D"
.facebook.com/	1970-01-20 07:11:46	Name: fr Value: 0CIqI38gBw5cYRuyv..Bi7Xnh...1.0.Bi7Xnh.
.sickkidsfoundation.com/	1970-01-20 13:47:46	Name: _hjSessionUser_302599 Value: eyJpZCI6IjFjYzc2ODA4LTJhNmYtNTE5NC1hYjExLTk1Zjc0YzZjZGZjMSIsImNyZWF0ZWQiOjE2NTk3MzA0MDE2MjUsImV4aXN0aW5nIjpmYWxzZX0=
.sickkidsfoundation.com/	1970-01-20 05:02:12	Name: _hjFirstSeen Value: 1
www.sickkidsfoundation.com/	1970-01-20 05:02:10	Name: _hjIncludedInSessionSample Value: 1
.sickkidsfoundation.com/	1970-01-20 05:02:12	Name: _hjSession_302599 Value: eyJpZCI6Ijk3YTA3NDBjLWRjZmItNDQxNy1hMjYyLWVmOGU3NWU1MjcwMSIsImNyZWF0ZWQiOjE2NTk3MzA0MDE2NjksImluU2FtcGxlIjp0cnVlfQ==
www.sickkidsfoundation.com/	1970-01-20 05:02:10	Name: _hjIncludedInPageviewSample Value: 1
.sickkidsfoundation.com/	1970-01-20 05:02:12	Name: _hjAbsoluteSessionInProgress Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 13:47:46	Name: bscookie Value: "v=1&202208052013218a955ba7-cf1f-41de-804a-2d4b8cc9577eAQEjBgu1aqw2J1RhiB00ma8BHA5jJy3e"
.ct.pinterest.com/	1970-01-20 13:47:46	Name: _pinterest_ct_ua Value: "TWc9PSZkd3ZZQ2xMK0hhMGVOeVRmSkF5L2hKVGhGRE4rT3VEaFBzSXZpTkVueEE5c3lxTVEyYTZPeWVodVNEOE1LUWJNYm5sWTZWY1k1NFpjRm9LK1pQdFpDZVZBcXg0UFduTmRvTUEwbWMxVkJoZz0mN0lzaVdYekxDR3d1N2NnSWZkUmk3SlY1bk9rPQ=="
.sickkidsfoundation.com/	1970-01-20 13:47:46	Name: _pin_unauth Value: dWlkPU56RXhNV1ZrWkRVdFpUVXdNeTAwWkdFeExXRXlNMkl0WlRaaU56Vm1abVE0WWpJMw
.mathtag.com/	1970-01-20 14:28:05	Name: uuid Value: 970762ed-79e1-4100-8116-ef342c9bc5e2
.sickkidsfoundation.com/	1970-01-20 05:02:12	Name: JabmoSP0ses.106a Value: *
.adnxs.com/	1970-01-20 07:11:46	Name: uuid2 Value: 5526285292266926060
.sickkidsfoundation.com/	1970-01-20 13:47:46	Name: JabmoSP0id.106a Value: 47765edb-a0c7-48fb-be6d-620583e1963e.1659730402.1.1659730402..61f0fb9b-666e-4da5-adb3-64d6329eb646..6a770892-a042-4c8e-9bad-91b896df4017.1659730401809.1
.demdex.net/	1970-01-20 09:21:22	Name: demdex Value: 83247176186528588312006478925341804952
.connectedinteractive.com/	1970-01-20 05:02:14	Name: 8092782a3475b91c78e512ffafa20c56_open Value: 1659730401
.mathtag.com/	1970-01-20 05:45:22	Name: mt_misc Value: mt_bt:1
.dpm.demdex.net/	1970-01-20 09:21:22	Name: dpm Value: 83247176186528588312006478925341804952
.mxptint.net/	1970-01-20 14:38:10	Name: mxpim Value: R35CA9_F4270826_FE84BE8.1.62ED79E162ED79E1000000000000000000000000000000000000000062ED79E1
.agkn.com/	1970-01-20 13:47:46	Name: u Value: C\|0AEAqgDZhKoA2YQAAAAAAAQygAQCA
.analytics.yahoo.com/	1970-01-20 13:47:46	Name: IDSYNC Value: "1769~26f8:17mu~26f8"
.casalemedia.com/	1970-01-20 07:11:46	Name: CMPS Value: 020
.agkn.com/	1970-01-20 13:47:46	Name: ab Value: 0001%3AW7OMoHeaAIckXA3Rg4XS%2B30OJMaPP5oyt9qTn81D90p%2FF4bBxwlNeA%3D%3D
.adsymptotic.com/	1970-01-20 07:11:46	Name: U Value: 2733183bb0662315954a18ace008a2e0
.casalemedia.com/	1970-01-20 13:47:46	Name: CMID Value: Yu154RwPDshtvwKSGUXmBAAA
.casalemedia.com/	1970-01-20 07:11:46	Name: CMTS Value: 101
.casalemedia.com/	1970-01-20 07:11:46	Name: CMPRO Value: 020
.adsrvr.org/	1970-01-20 13:47:46	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCKbloJ-fyvs6EAUSFQoGZ29vZ2xlEgsIvJjmop_K-zoQBRIXCghhcHBuZXh1cxILCJiygKSfyvs6EAUSFQoGY2FzYWxlEgsImLKApJ_K-zoQBRIYCglhZGFkdmlzb3ISCwj8sfqln8r7OhAFGAEgASgCMgsI_Kn90rXK-zoQBTgBWglhZGFkdmlzb3JgAg..
.tapad.com/	1970-01-20 06:28:34	Name: TapAd_TS Value: 1659730402076
.tapad.com/	1970-01-20 06:28:34	Name: TapAd_DID Value: ea3fadd9-30f5-4179-a4cb-adfb2aaed7ca
.mathtag.com/	1970-01-20 05:45:22	Name: mt_mop Value:
.tapad.com/	1970-01-20 06:28:34	Name: TapAd_3WAY_SYNCS Value:
.snapchat.com/	1970-01-20 14:23:46	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3IyQ0AIAgEwIpIFkEUu/HAKixen/4m41Ow5ygENyNdyaladoqovAQZ0XFY0fhtESjS+YgL8qBwN0AAAAA=
.sickkidsfoundation.com/	1970-01-20 14:31:57	Name: _sctr Value: 1\|1659657600000
c.jabmo.app/	1970-01-20 13:47:46	Name: sp Value: bf32a466-2ac1-4cc3-8ef7-6d2e3b6c8919

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5627812.fls.doubleclick.net
aa.agkn.com
ad.crwdcntrl.net
ad.doubleclick.net
ads.connectedinteractive.com
adservice.google.ca
adservice.google.com
aep.mxptint.net
analytics.tiktok.com
analytics.twitter.com
api.ipify.org
bat.bing.com
bcp.crwdcntrl.net
c.jabmo.app
c212.net
cdn.c212.net
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
ct.pinterest.com
d.agkn.com
d22d1xpx4ztuef.cloudfront.net
d3htn85c6cao65.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
in.hotjar.com
insight.adsrvr.org
match.adsrvr.org
mpp.mxptint.net
p.adsymptotic.com
p.teads.tv
pixel.mathtag.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
sc-static.net
script.hotjar.com
secure.adnxs.com
sickkidsfoundation.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.jabmo.app
t.teads.tv
tr.snapchat.com
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
ws14.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.sickkidsfoundation.com
www.youtube.com
104.18.100.194
104.18.19.126
104.244.42.131
104.244.42.133
104.77.9.133
107.154.138.76
107.178.246.49
108.138.106.49
108.138.113.246
108.138.113.94
108.138.128.21
108.138.128.28
108.139.29.40
108.139.47.15
13.107.42.14
13.226.39.89
135.84.189.37
142.250.64.98
142.250.72.98
142.250.81.230
146.75.36.157
184.29.128.222
184.51.149.8
23.205.73.204
23.208.216.207
2600:1400:d:485::1931
2600:141b:13::17d7:82d9
2600:9000:2140:8600:a:ac8:89c0:21
2600:9000:2349:4000:19:fc2c:a140:93a1
2600:9000:23ca:d400:16:cfb1:a0c0:93a1
2607:f8b0:4004:c06::9b
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::2003
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.218.90.66
3.220.57.224
34.248.70.121
34.251.112.219
35.190.43.134
38.68.201.139
4.78.226.224
52.19.194.187
52.20.245.254
52.223.40.198
52.71.37.99
54.221.252.20
63.32.10.192
68.67.179.166
68.67.179.87
06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c
0a00d5c9c8368a6afbac094dbaa312c0f75fe445f57aeb23bcda10a34c058698
0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b
14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a
198f185492b002abf346368e3c4ef32ba0113626d588e607e5ed1997bc9c8906
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26eb748e49a7e6bee16c9c39b840ea1adc636378968e30758710b0c1a12dbe14
284168cb2e2253b0929593454e37ab19224bb6999158b750983a645574f69c84
2978a3d244df5e7d0506b3e61ca3cf236477c2f9fb5d84b89fd1d14e3b8f1f6d
2c08928b43b494e2c39af88ed94c3e5ab393546ba52d8bf5b66d66fd4dafe803
2c381d93603f3780affb837e00934d0b7a3f82e655e99b5be3b6d30c24cd382d
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36643988694291e3a9c48fb0e1ccaa78b8bea699a0fc1468be8648324af042af
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3830375501e9e43af706521915177d16f924dda09e795ce2e61e2b78472cd986
3947ffbc5074de7604c42155769b0944fec992e82c920712246031a692e6326e
3959fe434251fc2dd24eef0f92b8f2d3e17681625b3dd392b1bf73a8c83cc7f9
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1
4dc49a19c403757d93e641380b6324631fb222a6784d945d8f42a379c5c5d6ad
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504178d8f9ce2c6276178139240bf8a86bb59bf611230105aeebd05d09a6004f
51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120
521cee3884da643fafcf11d44f1599abb166cfc20c730385e4cd273b7fedab92
52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935
5936571d06af1a93f93d3bd38199ed2fc23927e1e81cad6ee3ce2ef8545f92b7
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51
6bf87e574d8b2927a82170f0d6dbca56e1bd9268a74df333fd342fc6cf7eac76
76173e18853b7588c8073a15ad272aa302508bab48185240b1e4cff86fe2df8e
7641b6626459a876451588bb7b10ed335864a772059289d20d974d27da3edd14
764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b
7e0ffaf0eb7ecca4fe8ce427d739276c40d8f58abf5cca3bc2bc93d1c57cb787
7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43
8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032
905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec
92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff
9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d
972e56b6d9bddf1dfeae52d4b4c897b6497c4c059f726249b96a8a4799c6e61e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e9b9462f61f896d43260f5da0d1919e8a114f29169ec31a31b2abf9379fe481
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1bf879a3115ddb215eee5d6b1a485e36f14050a390cda9491811126e002e5f8
a303d6ba92b9b5d22861b018f39d9e43065599b28ec4a3b5273734c45ba12fab
a49269a2f8ab7309ca84625b07bcbb03bf6aec02c1b21d57cf9459b4220f73db
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b34856ac1a650e37117d0bf1289a1008fd6cfa050226e173083358d963388a4c
b52e447ceb07898e04bd67b1a35269ca646c9cd7911dd5c3278435d9b5e09464
b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b
b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067
bb7ee03a7dc851fb872f5fa8eea8c2427ae23f290455d7d00613bcbfe57bb751
bf73b3a52eb6d7a0034fe2d4059b8842ff7b3dd98e535ba6597239ad85302423
c5edc0a6a6d86fd6d723b61d5062a1a1e2bcf3b770cdb22d9ce5ec42ad963b6c
c6d25b91190cf44322848bd6d1af4d295f4f48e1fcb6bf2f56c6df37a8680284
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2dfbe6cc065a9c886a21d8844671f9511f12ceba4df247cd5cfae700701b570
d395a7fd0d97d09dbf41ce1c0792b4297c0c3655db31c0f1da1df5bcdf7c8a4c
d4461864b8c2ad337074dac173bb798528b7ae856ca76329b674ed537800d8be
d59748ac8b110553b27b3d4b832934fe6371e329a9e09d3ecce02221f3fb33db
d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996
d81237edecc60b20a8149e60a4b396187e1f7028d8146e906408962153b269b3
dca58500f438ec6575ea685c3c62c79448f6e450335ffce71db418169a897e13
df594535b89c39169b9e7f80a44941fb3bb2ad772dde6a907d65079ff4705543
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d9b490bde45d14a4f88a44e74bd6043a7cad3239acc7fbebbf4be122ef308a
eb651673d966f77afdabf0f28889227a8ba3ee4e8ddcf38341a031cdbf62a6b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89
f7d647330ef8b48d3f3c4474cae466809967e6b17c95ff9a0ce4ba90679daf2c
fe815d5343e0ce079c6b1c5cec27cc7bd12669b374f11c0477349d73e417599c

www.sickkidsfoundation.com Open in urlscan Pro 107.154.138.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

30 %IPv6

40 Domains

63 Subdomains

47 IPs

4 Countries

2856 kBTransfer

5409 kBSize

73 Cookies

12 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sickkidsfoundation.com Open in urlscan Pro
107.154.138.76 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

30 %
IPv6

40
Domains

63
Subdomains

47
IPs

4
Countries

2856 kB
Transfer

5409 kB
Size

73
Cookies

137 HTTP transactions
1 data transactions